Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2016-9578

Опубликовано: 27 июл. 2018
Источник: nvd
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:spice_project:spice:*:*:*:*:*:*:*:*
Версия до 0.13.90 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 87%
0.03335
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20
CWE-20

Связанные уязвимости

ubuntu логотип

CVE-2016-9578

CVSS3: 7.5
ubuntu
больше 7 лет назад

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

redhat логотип

CVE-2016-9578

CVSS3: 7.5
redhat
почти 9 лет назад

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

debian логотип

CVE-2016-9578

CVSS3: 7.5
debian
больше 7 лет назад

A vulnerability was discovered in SPICE before 0.13.90 in the server's ...

github логотип

GHSA-9m3r-8p8r-j38x

CVSS3: 7.5
github
больше 3 лет назад

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

suse-cvrf логотип

openSUSE-SU-2017:0421-1

suse-cvrf
почти 9 лет назад

Security update for spice

EPSS

Процентиль: 87%
0.03335
Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20
CWE-20